FloCon 2019 has ended
Wednesday, January 9 • 3:00pm - 5:00pm
Demo & Poster Session

Various Posters and Concepts will be presented during this session. Our Sponsors will also be on hand to provide demonstrations and answer questions on their various products and services.

Posters Included:
Solutions, Services, and Tools For Enterprise Cognitive Security; David Geddes - Founder/AI Strategist at Cognitive Solutions Alliance
Abstract: The newly formed Cognitive Software Council was created in response to standards and best practice guidance for solutions, services, and tools that draw on neuroscience-inspired artificial intelligence techniques. The Council is focused on commercialization of cognitive systems. This presentation will focus on proposed cyber security advances using cognitive software tools to interpret user or system intent through real-time monitoring, data analysis, continuous planning, and command execution, all represented in a multi-graph approach. The audience should expect real-world screenshots of development environments, insight into structured knowledge in graphs, and actual enterprise customer challenges.

End-to-End Actionable Detection Pipelines, a Netflix Original; Siamac Mirzaie - Senior Analytics Engineer at Netflix
Abstract: The combination of Netflix's culture of Freedom and Responsibility and the sheer size of Netflix's worldwide operations set a unique stage for enterprise security. The need to detect potential malicious activity along a growing attack surface has become paramount. This in turn translates into the need for greater velocity to deploy end-to-end data-driven detection pipelines across a wide range of end points that produce actionable insights for a security analyst.

We will share an approach that enables our teams to deploy brand new detection pipelines using a variety of analytical techniques ranging from simple rules to machine learning in a matter of hours with relatively minimal code work. We will introduce some of the business considerations that propelled that project forward before exploring some of the rationale behind the architecture of this platform. We will then dive deeper into the capabilities of the system with some technical insights into the implementation itself. Finally, we will get a chance to reflect on some of the lessons learned throughout this journey.

Evolving Big Data Analytics in a Rapidly Changing Cyber Environment; Brittany Nicholls - Cloud Software Engineer at Enlighten IT Consulting
Abstract: This poster discusses how analytic approaches evolve in a fast-paced cyber environment. Across an organization, a variety of individuals, including analysts, data scientists, cyber hunters, technical teams, and leadership, need insight into cyber big data that comes from a variety of disparate data sources. Vast differences in users’ technical understanding, exposure to big data, and familiarity with cybersecurity present analytic developers with myriad challenges. These include dealing with the ever-changing nature of cyberspace, addressing the immediacy of cyber analytic needs, and balancing analytic capabilities with ease of use.

Years of progress, missteps, and lessons learned in analytic development led to current state-of-the-art Analytic Basic Loads (ABLs), a suite of analytics and their respective visualizations that assist stakeholders in understanding their network activity and in detecting anomalies. The development of ABLs sprang from a mix of cybersecurity expertise, data science approaches, and work with big data from multiple datasets.

The set of ABL analytics at a cyber hunter's disposal is analogous to the resources and tools, called basic loads, that the military prepares before an operation. Similarly, an ABL analytic is a prepared tool to support cyber analysts on the cyber battlefield. Each ABL is a specialized cyber analytic that targets and identifies specific security events, such as a high number of failed logins, connections to/from foreign countries, or potential data exfiltration. ABLs may be cascaded together so that the results of one ABL will dynamically alter the behavior a following ABL will target. Ultimately, the ensemble of ABL results will provide a holistic view of network activity in addition to identifying potential malicious activity, which assists both Defensive Cyber Operations and NetOps analysts in using big data to solve their problems.

Network Traffic Analysis with SiLK, Information Session for 2019 Release; Nancy Ott - Senior Technical Writer/Editor, SEI
Network Traffic Analysis with SiLK has just been updated to focus on the process for analyzing network events with SiLK. Nancy Ott (one of the authors) will be distributing copies of the guide and discussing new content for the next release. Your input is welcome!

David Geddes

Founder/AI Strategist, Cognitive Solutions Alliance
David Geddes is a second-generation entrepreneur with broad technical experience and a reputation for deal flow support. His undergraduate studies were in Information Systems and Technical Communications. He has significant experience in people management, economic trade, media production...

Siamac Mirzaie

Senior Analytics Engineer, Netflix
Siamac Mirzaie is an applied Machine Learning practitioner in the Security space. Over the past several years, his work at Netflix has revolved around building end-to-end anomaly detection systems for corporate security. Prior to Netflix, Siamac was a Data Scientist at Facebook HQ...

Brittany Nicholls

Cloud Software Engineer, Enlighten IT Consulting
Brittany Nicholls is a Technical Lead who oversees a team of software engineers at Enlighten IT Consulting, LLC, an Alion Company. She and her team are currently focused on advancing the fusion of cloud analytics and visualizations. These innovative tools assist Defensive Cyber Operations...

Nancy Ott

Senior Technical Writer/Editor, Carnegie Mellon University - Software Engineering Institute
Nancy Ott is a Senior Technical Writer/Editor at Carnegie Mellon University's Software Engineering Institute. She's been writing about highly technical products for longer than she cares to admit. Before joining SEI, Nancy worked for Carnegie Mellon University's National Robotics...

The Anomali suite of threat intelligence solutions empowers organizations to detect, investigate and respond to active cybersecurity threats. The award-winning ThreatStream threat intelligence platform aggregates and optimizes millions of threat indicators, creating a “cyber no-fly...

Carahsoft has built our reputation as a customer-centric organization dedicated to serving the needs of our technology manufacturers, government end users, and reseller ecosystem with Solutions for Government™. We have a proven history of helping government agencies find the best...

Columbus Collaboratory

Columbus Collaboratory is a rapid innovation company founded by leading companies in seven different industries that delivers business value through advanced analytics and cybersecurity solutions. Our unique model surfaces shared, complex challenges, and operationalizes cognitive...

ExtraHop is built to meet the dynamic needs and scale of the modern hybrid enterprise, from Core to Edge to Cloud. Our platform transforms the network into the most comprehensive, objective source of security and IT visibility while providing the rich data set - wire data - that keeps...

MantisNet's in-memory network protocol processing and monitoring solutions enable you to take actionable decisions with real-time network intelligence. Our systems deliver unparalleled depth of high resolution visibility as well as provide the ability to manage, shape and secure network traffic in real-time. MantisNet solutions complement data-at-res...

Napatech helps companies to reimagine their business, by bringing hyper-scale computing benefits to IT organizations of every size. We enhance open and standard virtualized servers to boost innovation and release valuable computing resources that improve services and increase revenue. Our...

QoSient is a global leader in end-to-end performance analysis. QoSient's technology is used to solve complex performance problems for the US Govt, global ISPs, telcos, carriers and large complex enterprises.

U.S. Army, Office of the Chief of Cyber

United States Army Cyber Command (ARCYBER) is the Army’s frontline of defense against hackers, data breaches and network intrusion. They are responsible for maintaining and advancing Army readiness and technological superiority efforts in the midst of changing threats, cyberspace...

VirusTotal was founded in 2004 as a free service that analyzes files and URLs for viruses, worms, trojans and other kinds of malicious content. Our goal is to make the internet a safer place through collaboration between members of the antivirus industry, researchers and end users...

Wednesday January 9, 2019 3:00pm - 5:00pm EST
Evangeline Suite 300 Bourbon St, New Orleans, LA 70130